Administrators who pose a security risk

Editors, Admins and Bureaucrats Oh my!

Administrators who pose a security risk

Postby CrowsNest » Thu Nov 22, 2018 5:27 pm

Unsurprisingly, Wikipedia Administrators Yngvadottir and Iridescent think two factor authentication means you have to buy a smartphone or tablet.

If you are seriously this thick, should you not be desysopped as a security risk immediately? What chance that these people have the first clue about password security?

The people who think content creators make good Administrators, explain this. They're morons. How did they ever even figure out wikicode (because paradoxically, these people are always the same luddites who want Wikipedia articles to be written in its bashed together native code forever and ever, because IT'S THE ONLY THING THEY KNOW HOW TO USE).
You would have lost me as an admin if you'd required TFA. Not only is it far beyond my level of technical comfort, and makes it all too easy to get locked out, I'm not going to spend $400 plus data plan for a smartphone for Wikipedia or anybody else. Massive imposition for little gain to the project in terms of security. Yngvadottir (talk) 22:55, 22 November 2018 (UTC)

Ditto. I act as an admin as a favour to Wikipedia, sysop status isn't a favour Wikipedia does to me. I have no intention of committing to permanently owning—and having permanent access to—an expensive piece of technology which requires a permanent and expensive subscription. purely because Wikipedia is having one of its periodic bouts of security paranoia, and if that means someone else has to clean out CAT:EX instead of me I believe I can live with the loss. ‑ Iridescent 23:01, 22 November 2018 (UTC)


There was also this hilarious post......
Well, I have a password which can not be broken. I do not want to turn on TFA because I (almost) do not use a cell phone. I am not sure why WMF thinks they are more clever than I, and I am already unhappy with 2FA requirement for interface admins - I will possibly have to resign my interface admin rights, but if RFA is required for all admins, I am not sure what I am going to decide. If you want to lose admins with zero benefit, this is probably the way to go.--Ymblanter (talk) 19:33, 22 November 2018 (UTC)
What are the chances someone who barely uses a smartphone, has cracked the holy grail of computer security? No dude, you do not own a quantum computer, and the WMF are most definitely smarter than you. And they 'ain't all that smart.

Again, why would you not immediately desysop this moon boot as a clear and obvious security risk?
User avatar
CrowsNest
 
Posts: 4451
Joined: Mon Feb 26, 2018 8:50 pm

Re: Administrators who pose a security risk

Postby Dysklyver » Fri Nov 23, 2018 2:46 am

CrowsNest wrote:Unsurprisingly, Wikipedia Administrators Yngvadottir and Iridescent think two factor authentication means you have to buy a smartphone or tablet.

If you are seriously this thick, should you not be desysopped as a security risk immediately? What chance that these people have the first clue about password security?


Probably none, but then another admin account was just hacked this week so maybe their passwords are more secure than his, "yolol123" barely a password idea.


CrowsNest wrote:The people who think content creators make good Administrators, explain this. They're morons. How did they ever even figure out wikicode (because paradoxically, these people are always the same luddites who want Wikipedia articles to be written in its bashed together native code forever and ever, because IT'S THE ONLY THING THEY KNOW HOW TO USE).

Wikicode is pretty bad for long term information archival because it is compatible with exactly nothing except mediawiki, and without the templates the data is mostly lost, why Wikipedia ever used it is beyond me.

You would have lost me as an admin if you'd required TFA. Not only is it far beyond my level of technical comfort, and makes it all too easy to get locked out, I'm not going to spend $400 plus data plan for a smartphone for Wikipedia or anybody else. Massive imposition for little gain to the project in terms of security. Yngvadottir (talk) 22:55, 22 November 2018 (UTC)

Not only is this "admin" stupid enough to believe that a smartphone is required, but also stupid enough to believe that a data plan is needed, when the authenticator apps don't ever need internet connection. I mean duh, buy a $30 smartphone, go to a wifi, install the app and never worry about having a data plan.

Ditto. I act as an admin as a favour to Wikipedia, sysop status isn't a favour Wikipedia does to me. I have no intention of committing to permanently owning—and having permanent access to—an expensive piece of technology which requires a permanent and expensive subscription. purely because Wikipedia is having one of its periodic bouts of security paranoia, and if that means someone else has to clean out CAT:EX instead of me I believe I can live with the loss. ‑ Iridescent 23:01, 22 November 2018 (UTC)

Gee, if you think the $30 smartphone is expensive, you need to have your budget examined.

CrowsNest wrote:There was also this hilarious post......
Well, I have a password which can not be broken. I do not want to turn on TFA because I (almost) do not use a cell phone. I am not sure why WMF thinks they are more clever than I, and I am already unhappy with 2FA requirement for interface admins - I will possibly have to resign my interface admin rights, but if RFA is required for all admins, I am not sure what I am going to decide. If you want to lose admins with zero benefit, this is probably the way to go.--Ymblanter (talk) 19:33, 22 November 2018 (UTC)

Well obviously this dude should have 2FA, what if his account is hacked and someone uses his intadmin rights to put malicious javascript into 20 million Wikipedia readers to create a botnet for some bitcoin fraud? Would he ever even be resysopped after such a fuck-up?

CrowsNest wrote:What are the chances someone who barely uses a smartphone, has cracked the holy grail of computer security? No dude, you do not own a quantum computer, and the WMF are most definitely smarter than you. And they 'ain't all that smart.

Again, why would you not immediately desysop this moon boot as a clear and obvious security risk?

That of course, is the real question.

And for any admins reading this worried about losing access to their account after breaking their 2FA device, that is why you ca be radical and set up more than one device, and if you break them all, you can setup new devices using the scratch codes, which FYI you MAKE A PRINTOUT OF so you don't lose them like that idiot who stored them on a faulty USB drive.
De facto globally banned on all Wikimedia sites. Editor of The Wiki Cabal. find me on the Wiki Treehouse Discord.
User avatar
Dysklyver
 
Posts: 373
Joined: Thu Jun 21, 2018 2:14 am

Re: Administrators who pose a security risk

Postby Dysklyver » Fri Nov 23, 2018 6:46 am

Now, lets see what the admins think...
[...] I think it would also be helpful to make two factor authentication mandatory for all admins, and desysop those who do not turn it on. It would stop this kind of disruption. Ritchie333 (talk) (cont) 18:09, 22 November 2018 (UTC)

I agree with the idea of desysoping (or at least warning) people for not using 2FA, but there would have to be some kind of cool-down period. Earlier this month, I had to get my phone replaced, meaning I went a day or so without 2FA. It simply wouldn't have been efficient to remove the bit for only 24 hours (especially because I was still active). Perhaps existing admins should get a month or two to set it up, all new admins get one week post RFA closure, and all admins that need to temporarily disable it also get a week. Anarchyte (talk | work) 23:12, 22 November 2018 (UTC)

I strongly disagree with any forced 2FA idea. Forcing editors to have a certain device in order to be admins runs contrary to our most basic principles. There is no rational reason to preclude people unwilling or unable to use such additional devices from being admins. Especially since 2FA is still a hassle as Anarchyte points out and any problem with the device might render an admin incapable of editing at all. Plus, how many active admin accounts have been compromised? Regards SoWhy 11:58, 23 November 2018 (UTC)


This is in a discussion which proposes to desyop 288 adminstators and 4 crats because they haven't even made a single logged admin action for a year or more.

Meanwhile, Guy Macon has proven he is a complete moron as well, by digging up some dodgy links to illustrate his idea that 2FA is less secure than a long password.

Mandatory 2FA considered harmful
Allowing 2FA is fine, as long as the scheme uses meets the requirements of [ https://pages.nist.gov/800-63-3/sp800-63b.html#sec5 ]. Encouraging 2FA is also fine. Requiring' 2FA is a really, really bad idea. It is security theater, and in general is less secure than simply using a long, easy-to-remember-but difficult-to guess passphrase.

https://www.makeuseof.com/tag/two-factor-authentication-sms-apps/
https://www.wired.com/story/two-factor-authentication-apps-authy-google-authenticator/
https://thestack.com/security/2016/04/08/anywhere-computing-makes-2fa-insecure-on-ios-and-android/

--Guy Macon (talk) 07:38, 23 November 2018 (UTC)


Like wow really. :mrgreen:
De facto globally banned on all Wikimedia sites. Editor of The Wiki Cabal. find me on the Wiki Treehouse Discord.
User avatar
Dysklyver
 
Posts: 373
Joined: Thu Jun 21, 2018 2:14 am

Re: Administrators who pose a security risk

Postby CrowsNest » Fri Nov 23, 2018 9:46 am

Guy Macoin is a fuckwit, everything he says is pure idiocy by default. He survives on Wikipedia because being an idiot isn't a blockable offence, pointing out is he one is.

I guess we can add So Why to the list of Administrators who need to be desyopped as a clear and obvious security risk, not only for not realising you don't need a "device", secondly because anyone who thinks it matters whether a compromised Administrator account was active or not, is definitely a security risk.

The surprising thing here was that Ritchie is the one talking sense. I'm sure if we just wait, he'll say something dumb, I really would be surprised if someone with his warped ideas about what is and is not important, actually appreciated the need for mandatory 2FA. He may just see it as one more way to Lord of over non-Admins.

That aside, not only would it sort out the technically capable from the dopey bastards, it might weed out those who don't take the role very seriously. If people can't take the time to even figure out what 2FA requires, what chance they have ever even read the basic policies, much less would be bothered to take the time required to investigate any non-trivial issue requiring Administrator input?

Lazy Administrators have played a big part in how and why Wikipedia sucks, it's about time they started wedding them out.
User avatar
CrowsNest
 
Posts: 4451
Joined: Mon Feb 26, 2018 8:50 pm

Re: Administrators who pose a security risk

Postby NadirAli » Sat Nov 24, 2018 3:45 pm

I would count just about every administrator, like 90% as a security threat to Wikipedia.

CrowsNest wrote:Lazy Administrators have played a big part in how and why Wikipedia sucks, it's about time they started wedding them out.


To quote my departed Wikipedian friend, Szhaider:
With the blindness of neutral admins and hawkish stance of rest of them Wikipedia is doomed to fail. Literally thousands of articles comprise 95% made-up information from mathematics to politics. Wikipedia hawks say it is not a Democracy but the reality is if you have more than a billion population compared to 140 million, you can put anything in your own favour with the force of higher number of contributors overwhelming smaller number of editors who will be voted against to ban if they dare confront with their neutrality.
Last edited by NadirAli on Sun Nov 25, 2018 11:55 pm, edited 1 time in total.
User avatar
NadirAli
 
Posts: 48
Joined: Wed Aug 29, 2018 10:55 am

Re: Administrators who pose a security risk

Postby Dysklyver » Sat Nov 24, 2018 4:27 pm

On WP:AN now, rather than worrying about the fact that dozens of admin accounts are still compromised by crazy trolls and the "violent porn vandal" they are rolling out Admins V2. These new and improved admins are of course the "interface admins" they created earlier. The idea is to put the mainpage under enhanced protection so normal admins can't edit it, and then to roll this out to other vulnerable pages.

https://en.wikipedia.org/w/index.php?title=Wikipedia:Administrators%27_noticeboard&oldid=870461640#Proposing_a_temporary_measure_to_assist_in_protecting_the_Main_Page

Next in the pipeline may be removing the "unblockself" perm from the admin toolset.
De facto globally banned on all Wikimedia sites. Editor of The Wiki Cabal. find me on the Wiki Treehouse Discord.
User avatar
Dysklyver
 
Posts: 373
Joined: Thu Jun 21, 2018 2:14 am

Re: Administrators who pose a security risk

Postby CrowsNest » Sat Nov 24, 2018 7:05 pm

Wikipedians are a pretty stupid bunch. Fair enough if this was a proposal from the community, but everything about the way this has been proposed, and is being received, has been seen in the plot of every political drama post-9/11.

Someone should really tell them that nine out of the last ten attacks on the Main Page, have not seen the vandal directly editing the page. Most of those commenting there don't have the first clue how these things are done these days. They're deliberately kept in the dark, on the rather idiotic assumption that these vandals are getting their ideas simply from watching what these headless chickens say in the aftermath of an attack. They are most assuredly not. As we've seen many at time, these sophisticated vandals are often disgruntled editors looking for a spectacular way to exact revenge, the editors who already had the knowledge and skills to screw Wikipedia this way.

I agree with Black Kite, they should do away with the ability of Administrators to unblock themselves. For a start, it would hilarious to see those Administrators who "mis-click" and accidentally block themselves, have to embarrassingly request an unblock. Second, it will be hilarious watching the next compromised Admin account try to block as many other Administrators as he can. Other than that, a characteristically genius idea from that dumbass. HTD Inc. should have him on a retainer, the amount of damage he has caused over the years.
User avatar
CrowsNest
 
Posts: 4451
Joined: Mon Feb 26, 2018 8:50 pm

Re: Administrators who pose a security risk

Postby CrowsNest » Sat Nov 24, 2018 7:12 pm

Remember when Ritchie got mad when he couldn't understand why they weren't minded to just hand out Interface Admin rights to anyone who just thought they might use it now and again.

Do you think he even has the first idea that this is what they were talking about? As someone has already pointed out, if all these temporary but soon to be permanent measures end up doing is increase the number of Interface Administrators, then it all rather defeats the object of the exercise.
User avatar
CrowsNest
 
Posts: 4451
Joined: Mon Feb 26, 2018 8:50 pm

Re: Administrators who pose a security risk

Postby CrowsNest » Mon Nov 26, 2018 2:21 pm

Do I dare take credit for the fact that now the easily frightened and often confused have had their say, wiser heads have figured out the massive drawbacks to this so called temporary measure?

I mean, not that it didn't sound like a great idea, elevating The Rambling Man to the same status as a handful of super duper trusted Administrators, but maybe a rethinking of your entire trust/access model would cause less grief and indeed less amusement for onlookers?

You could just give up now of course. I mean, you do get that this an Arms Race that you will ultimately lose? I mean, let's just cut to the chase - are you going to abandon your commitment to anonymity? If not, then you just be you, warts and all.
User avatar
CrowsNest
 
Posts: 4451
Joined: Mon Feb 26, 2018 8:50 pm

Re: Administrators who pose a security risk

Postby CrowsNest » Thu Nov 29, 2018 6:56 pm

Classic Guy Macon......
Multiple attempts to log on to my account
There have been over 400 attempts to log on to my Wikipedia account, and the number is growing as I speak.

They aren't going to succeed -- my passphrase consists of 256 random characters generated from a hardware random number generator -- but I thought that somebody might want to track the IP address being used and see if they have an account. --Guy Macon (talk) 19:19, 29 November 2018 (UTC)
Risk advertising to the world what they should be programming their malware to look for if they want his password (hey, why not just try the clipboard?), for the vanishingly small possibility that the person trying to hack him is dumb enough to use their Wikipedia IP to do it.
User avatar
CrowsNest
 
Posts: 4451
Joined: Mon Feb 26, 2018 8:50 pm

Next

Return to Wikipedians

Who is online

Users browsing this forum: No registered users and 1 guest